Privacy Engineering
Personal Exam Preparation for Modul Privacy Engineering at TU Berlin
Personal Exam Preparation for Modul Privacy Engineering at TU Berlin
36
0.0 (0)
Kartei Details
| Karten | 36 |
|---|---|
| Sprache | English |
| Kategorie | Informatik |
| Stufe | Universität |
| Erstellt / Aktualisiert | 24.07.2022 / 28.07.2022 |
| Lizenzierung | Keine Angabe |
| Weblink |
https://card2brain.ch/box/20220724_privacy_engineering
|
| Einbinden |
<iframe src="https://card2brain.ch/box/20220724_privacy_engineering/embed" width="780" height="150" scrolling="no" frameborder="0"></iframe>
|
GDPR: 9 Principles
- Lawfulness
- Purpose Limitation
- Data Minimisation
- Transparency
- Accuracy
- Security
- Accountability
- Data Portability
- Enforcement
GDPR Principles: Lawfulness
GDPR Principles: Lawfulness
- Any processing of personal data must be explicitly legitimised – either by legal admission or by individually given consent.
GDPR - Consent Based Legitimation
- sufficiently specific in matters of
- data,
- purpose(s) and
- controller,
- to be given freely and unambiguously,
- to be based on a well-informed decision.
GDPR Principles: Purpose Limitation
GDPR Principles: Purpose Limitation
- Personal data may only be processed for the explicit and well-specified purposes it was originally collected for.
- It may also be used for other purposes as long as these are “compatible” with the initial one, whereas compatibility of purposes depends on various factors that must be taken into account on a per-case basis.
GDPR Principles: Data Minimisation (incl. necessity)
GDPR Principles: Data Minimisation (incl. necessity)
- data processed limited to the absolute minimum necessary for fulfilling the intended purposes
- this includes:
- amount of data
- “person-relatedness”
- number of parties able to access it.
GDPR Principles: Transparency
GDPR Principles: Transparency
- Data subjects must be provided with easily intelligible information about the conditions framing the processing of personal data.
- this includes information about
- data categories,
- purposes,
- storage durations,
- safeguards,
- functioning of automated decision-making and profiling.
GDPR Principles: Accuracy
GDPR Principles: Accuracy
- Personal data must be accurate and kept up to date. Data subjects shall be provided with means for letting inaccurate data about them be rectified, completed, deleted, or – in case of accuracy being contested temporarily blocked.
- Only means that are reasonable with regard to the purpose of processing must actually be implemented.
GDPR Principles: Security - Confidentiality, Integrity, Availability (CIA)
GDPR Principles: Security - Confidentiality, Integrity, Availability (CIA)
- Personal data must be subject to appropriate technical and organizational security measures directed at established security goals like confidentiality, integrity, or availability.
- The appropriateness of a certain security measure, in turn, depends on multiple further factors, particularly including the costs of implementation.
